AUG-21-2006CMON) 14:43 



Ormiston & McKinney 



(FAX)208 433 9295 



P. 004/016 



RECEIVED 

CENTRAL FAX CENTER 
AMENDMENTS AUG 2 1 2006 

The following listing of Claims will replace all prior versions and listing of claims 
in the application. 

1. (previously presented) A method for providing a first network resource 
operating on a first network device access to a second network resource operating on a 
second network device, comprising: 

from a third network device, locating a profile using profile data obtained from a 
client device, the profile containing data for identifying and for accessing the second 
network resource; 

from the third network device, supplying the profile to the second network 
resource; 

at the third network device, receiving temporary credentials for accessing the 
second network resource and generated according to the profile, the temporary 
credentials being provided from the second network resource; and 

from the third network device, providing the first network resource with the 
temporary credentials so that the first network resource can provide the second network 
resource with the temporary credentials to access and interact with the second network 
resource on behalf of the cjient device. 

2. (original) The method of Claim 1, further comprising the act of invalidating the 
temporary credentials following a termination event. 

3. (original) The method of Claim 2, wherein the termination event involves the 
lapse of a set time period. 

4. (previously presented) The method of Claim 2 f wherein the termination event 
involves the first network resource accessing the second network resource. 
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5. (previously presented) The method of Claim 1, wherein the temporary 
credentials provide the first network resource with limited access to the second network 
resource, 

6. (previously presented) A method for enabling an application server to access 
a data service, the application server operating on a first network device and the data 
service operating on a second network device, the method comprising: 

the application server instructing a client device to provide profile data to an 
identification service operating on a third network device, the identification service 
having access to one or more profiles used to access one or more data services 
including the data service operating on the second network device, the profile data 
identifying a particular profile; 

the identification service locating the particular profile using the profile data 
received from the client device, the profile containing data for identifying and for 
accessing the data service; 

the identification service providing the profile to the data service; 

the data service generating temporary credentials for accessing the data service 
identified by the particular profile and providing the temporary credentials to the 
identification service; and 

the application server obtaining the temporary credentials from the identification 
service and providing the data service with the temporary credentials to access and 
interact with the data service on behalf of the client device. 

7. (previously presented) The method of Claim 6, wherein the act of instructing 
the client device Includes providing a user interface that includes instructions to send 
profile data to the identification service, and sending the interface to the client device. 

8. (previously presented) The method of Claim 6, wherein the act of instructing 
the client device comprises redirecting the client device to the identification service. 
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9. (original) The method of Claim 6, further comprising the act of invalidating the 
temporary credentials following a termination event 

10. (original) The method of Claim 6, wherein the act of generating temporary 
credentials comprises generating temporary credentials that provide limited access to 
the data service. 

1 1 . (previously presented) The method of Claim 6, further comprising the 
application server generating a framed web page having a first frame and a second 
frame, and providing, for the first frame, content for directing an application, and 
providing, for the second frame, content for selecting one or more electronic files 
managed by the data service identified by the particular profile. 

12. (previously presented) The method of Claim 1 1 , further comprises the client 
device sending a cookie identifying the particular profile upon opening the framed web 
page. 

13. (previously presented) The method of Claim 11, wherein the act of 
generating an interface includes generating an interface that includes instructions to 
request a web bug from the identification service, the method further comprising the 
client device requesting the web bug, the request including a cookie identifying the 
particular profile. 

14. (previously presented) A method for enabling an application server to access 
a data service, the application server operating on a first network device and the data 
service operating on a second network device, the method comprising: 

the application server receiving, from a client device, a request to direct an 
application; 

the application server instructing the client device to provide profile data to an 
identification service operating on a third network device, the identification sen/ice 
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having access to one or more profiles for identifying and accessing one or more data 
services, the profile data identifying a particular profile; 

the identification service providing the data service with the particular profile 
identified by the profile data, the profile containing data for identifying and accessing the 
data service; 

the data service using the profile to generate temporary credentials for accessing 
the data service and providing the temporary credentials to the identification service; 
and 

the application server obtaining the temporary credentials from the identification 
service and providing the data service with the temporary credentials to access and 
interact with the data service on behalf of the client device.. 

15. (previously presented) The method of Claim 14, wherein the act of instructing 
the client device includes generating a user interface that includes instruction to send 
profile data to the identification service, and sending the interface to the client device. 

16. (previously presented) The method of Claim 14, wherein the act of instructing 
the client device comprises redirecting the client device to the identification service. 

17. (original) The method of Claim 14, further comprising the act of invalidating 
the temporary credentials following a termination event. 

18. (previously presented) The method of Claim 14, wherein the act of using the 
profile to generate temporary credentials comprises generating temporary credentials 
that provide limited access to the data service. 

19. (previously presented) The method of Claim 14, further comprising the 
application server generating a framed web page having a first frame and a second 
frame, the method further comprising providing, for the first frame, content for directing 
an application, and providing, for the second frame, content for selecting one or more 
electronic files managed by the data service identified by the particular profile. 
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20. (previously presented) The method of Claim 19, wherein the act of 
generating the framed web page includes generating a framed web page that includes 
instructions to request a web bug from the identification service, and wherein the act 
instructing the client device includes the client device requesting the web bug upon 
opening the framed web page, the request including a cookie identifying the particular 
profile. 

21 . (previously presented) A computer readable medium having instructions for: 
from a third network device, locating a profile using profile data obtained from a 

client device, the profile containing data for identifying and for accessing a second 
network resource operating on a second network device.; 

from the third network device, supplying the profile to the second network 
resource; 

at the third network device receiving temporary credentials for accessing the 
second network resource and generated according to the profile, the temporary 
credentials being provided from the second network resource; and 

from the third network device, providing a first network resource operating on a 
first network device with the temporary credentials so that the first network resource can 
provide the second network resource with the temporary credentials to access and 
interact with the second network resource on behalf of the client device. 

22. (original) The medium of Claim 21 , further having instructions for invalidating 
the temporary credentials following a termination event 

23. (original) The medium of Claim 22, wherein the termination event involves 
the lapse of a set period of time. 

24. (original) The medium of Claim 22, wherein the termination event involves 
the first server accessing the second server. 
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25. (previously presented) The medium of Claim 21, wherein the temporary 
credentials provide limited access to the second network resource. 

26. (previously presented) A computer readable medium having instructions for: 
from a first network device, instructing a client device to provide profile data to an 

identification service operating on a third network device, the identification service 
having access to one or more profiles used to access one or more data services, the 
profile data identifying a particular profile; 

from the third network device, locating the particular profile using the profile data 
obtained from the client device, the profile containing data for identifying and for 
accessing a data service operating on a second network device; 

from the second network device, generating temporary credentials for accessing 
the data service identified by the particular profile and providing the temporary 
credentials to the third network device; and 

at the first network device, obtaining the temporary credentials from the third 
network device and providing the data service with the temporary credentials to access 
and interact with the data service operating on a second network device on behalf of 
the client device. 

27. (previously presented) The medium of Claim 26, wherein the instructions for 
instructing the client device include instructions for generating a user interface that 
includes instruction to send profile data to the identification service, and sending the 
interface to the client device, 

28. (previously presented) The medium of Claim 26, wherein the instructions for 
instructing the client device comprise instructions for redirecting the client device to the 
identification service. 

29. (previously presented) The medium of Claim 26, wherein the instructions for 
generating temporary credentials comprise instructions for generating temporary 
credentials that provide limited access to the data service. 
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30. (previously presented) The medium of Claim 26, having further Instructions 
for generating a framed web page having a first frame and a second frame and 
providing, for the first frame, content for directing an application, and providing, for the 
second frame, content for selecting one or more electronic files managed by the 
accessed data service. 

31 . (original) The medium of Claim 30, wherein the instructions for generating 
the framed web page include instructions for generating a framed web page that 
includes instructions to request a web bug from the identification service, the request to 
include a cookie identifying the particular profile. 

32. (cancelled) 

33. (cancelled) 

34. (cancelled) 

35. (cancelled) 

36. (cancelled) 

37. (cancelled) 

38. (previously presented) A computer readable medium having instructions for: 
generating, at a third network device, a profile interface having user accessible 

controls for creating a profile for locating and accessing a data service operating on a 
second network device; 
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from the third network device, creating a profile according to selections made 
through the profile interface, the profile containing data for identifying and accessing the 
data service; 

from the third network device, providing a client device with profile data 
identifying a created profile; 

receiving, at a first network device, a request to access an application; 
from the first network device, Instructing a client device to send profile data; 
receiving the profile data at the third network device; 

from the third network device, retrieving a profile identified by the profile data; 

generating, at the second network device! temporary credentials for accessing a 
data service identified by the retrieved profile and providing the temporary credentials to 
the third network device; and 

at the first network device, obtaining the temporary credentials from the third 
network device and providing the data service with the temporary credentials to access 
and interact with the data service on behalf of the client device. 

39. (previously presented) The medium of Claim 38, wherein the instructions for 
instructing the client device include instructions for generating a user interface that 
includes instruction to send profile data, and sending the interface to the client device. 

40. (previously presented) The medium of Claim 38, wherein the instructions for 
instructing the client device comprise instructions for redirecting the client device. 

41. (original) The medium of Claim 38, wherein the instructions for generating 
temporary credentials comprise instructions for generating temporary credentials that 
provide limited access to the data service. 

42. (previously presented) The medium of Claim 38, having further instructions 
for generating a framed web page having a first frame and a second frame, the medium 
having further instructions for providing, for the first frame, content for directing the 
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application, and providing, for the second frame, content for selecting one or more 
electronic files managed by the accessed data service. 

43. (previously presented) The medium of Claim 42, wherein the Instructions for 
providing a client device with profile data comprise instructions for providing the client 
device with a cookie, and wherein the instructions for generating the framed web page 
include instructions for generating a framed web page that includes Instructions to 
request a web bug from the identification service, the request to include the cookie. 

44. (previously presented) A system for providing a first network resource 
operating on a first network device with access to a second network resource operating 
on a second network device, comprising: an identification service operating on a third 
network device, the identification service in network communication with a credential 
module, the credential module operating on the second network device and operable to 
use a profile acquired by the identification service to generate temporary credentials for 
accessing the second network resource, the identification service being operable to 
receive profile data from a client device and to acquire a profile identified by the profile 
data, the credential module and the identification service, together being operable to 
provide the first network resource with the temporary credentials enabling the first 
network resource to provide the second network resource with the temporary 
credentials to access and interact with the second network resource on behalf of the 
client device. 

45. (original) The system of Claim 44, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

46. (original) The system of Claim 45, wherein the termination event involves the 
lapse of a set time period. 

47. (original) The system of Claim 45, wherein the termination event involves the 
first server accessing the second server. 

S/N: 10/065,371 

10 Case: 10013820-1 

Response to Office Action 

PAGE 1216 * RCVD AT 8Q1/2006 4:44:39 PM [Eastern Daylight Time] » SVR:USPTO-EFXRF-5/19 * DNIS:2738300 » CSID:208 433 9295 * DURATION (mm-ss):03-12 



AUG-21-2006CMON) 14:44 Ormiston & McKinney 



(FAX)208 433 9295 



P. 013/016 



48. (previously presented) The system of Claim 44, wherein the credential 
module is further operable to generate temporary credentials that provide limited 
access to the second network resource. 

49. (previously presented) A system for accessing a data service operating on a 
second network device comprising: 

an identification service, operating on a third network device, operable to receive 
profile data from a client device identifying a particular profile and to provide that profile, 
the profile to contain electronic data used to identify the data service; 

a credential module, operating on the second network device, operable to obtain 
the profile from the identification service, generate temporary credentials, and map 
those credentials to the data service identified by the profile and to provide the 
temporary credentials to the identification service; and 

an application server, operating on a first network device, operable to serve an 
interface containing instructions to send profile data to the identification service, to 
obtain the temporary credentials from the identification service, and to provide the data 
service with the temporary credentials to access and interact with the data service on 
behalf of the client device. 

50. (original) The system of Claim 49, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

51. (original) The system of Claim 49, further comprising: 

an application content provider in communication with the application server and 
operable to generate content for directing an application; and 

a data content provider in communication with the application server and 
operable to generate content for selecting electronic files managed by the accessed 
data service. 
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52. (original) The system of Claim 51 , wherein the application server is operable 
to create the interface in the form of a framed web page having a first frame for 
displaying the content generated by the application content provider and a second 
frame for displaying the content generated by the data content provider, the framed 
web page also including instructions to request a web bug from the identification 
sen/ice, the request to include the profile data. 

53. (original) The system of Claim 51, further comprising a web browser operable 
to request and display the interface in the form of the framed web page and to request 
the web bug providing the profile data to the identification service. 

54. (previously presented) A system for accessing a data service operating on a 
second network device, the system comprising: 

an identification service operating on a third network device and operable to 
generate a profile interface having user accessible controls for creating a profile 
containing electronic data used to identify the data service, to create a profile using 
selections made through the profile interface, to issue instructions to store profile data 
used to access the created profile, to receive, from a client device, profile data 
identifying a particular profile, and to provide that profile; 

a credential module operable to obtain the profile from the identification service, 
generate temporary credentials, and map those credentials to the data service 
identified by the profile and to provide the temporary credentials to the identification 
sen/ice; and 

an application server operating on a first network device and operable to serve 
an application interface that includes instructions to send profile data to the 
identification service, to obtain the temporary credentials from the identification service, 
and to provide the data service with the temporary credentials to access and interact 
with the data service on behalf of the client device. 

55. (original) The system of Claim 54, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 
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56. (original) The system of Claim 54, further comprising: 

an application content provider in communication with the application server and 
operable to generate application content for directing an application; and 

a data content provider in communication with the application server and 
operable to generate data content for selecting electronic files, managed by the 
accessed data service. 

57. (original) The system of Claim 56, wherein the application server is operable 
to create the application interface in the form of a framed web page having a first frame 
for displaying the content generated by the application content provider and a second 
frame for displaying the content generated by the data content provider, the framed 
web page also including instructions to request a web bug from the identification 
service, the request to include the profile data. 

58. (original) The system of Claim 54, further comprising a browser operable to 
request and display the profile and application interfaces. 

59. (cancelled) 



S/N: 10/085,971 

13 Case: 10013820-1 

Response to Off fee Action 

PAGE 15/16 * RCVD AT W21/2006 4:44:39 PM {Eastern Daylight Time] * SVR:U5PTO-EFXRF-5/19 11 DNIS:2738300 ft CSID:208 433 9295 * DURATION (mm-ss):D3.12 



